Suchergebnisse für: communication

Neue Suche benötigt?

Wenn Sie keine passenden Treffer gefunden haben, versuchen Sie eine neue Suche!

How COVID-19 is changing the future of cyber resilience through remote working

Von |2021-08-23T15:43:38+02:00 23 August, 2021|Interest|

One of the clear impacts of the COVID-19 pandemic is that it has forced many organizations to resort to remote work; and this could have an irreversible impact on future work practices - and cyber resilience. The COVID-19 crisis will undoubtedly have a lasting impact on the way most organizations operate, as work life and operational structures are forced to change dramatically. One of the most obvious changes brought about by the COVID-19 pandemic is the increase in remote work. This development, brought about by the need to reduce physical contact and the spread of infection between people, is likely to remain a feature of modern life even after the worst of the pandemic is over. A key reason for this changing dynamic is that COVID-19 has shown many companies the benefits of virtual online communications. In particular, many companies have seen how effective remote work can be, [...]

Business continuity management as the key to cyber security

Von |2021-08-19T08:37:59+02:00 19 August, 2021|Interest|

Resilience to cyberattacks requires much more than protective, defensive security tools and training. Resilience is also about the ability to recover quickly. Therefore, it must always include business continuity management activities. It's time to redefine the role of chief information security officers (CISOs) and budget accordingly. Although prevention is key to limiting cyberattacks, the question is whether it alone is enough. Cyberattacks are constantly increasing in number and severity. A chief information security officer is responsible for prevention, but we believe a CISO should also feel responsible for business continuity and crisis communication: The ability to respond so the business can return to business as usual as quickly as possible is a much more realistic goal than preventing attacks entirely. The goal: Detect, respond, recover and improve. But how can an organization respond to an attack while still planning for its future? By not separating preventive measures and [...]

Is COVID-19 really a „Black Swan“?

Von |2021-08-18T13:27:29+02:00 18 August, 2021|Interest|

Many commentators referred to the COVID-19 pandemic as a "Black Swan" event. However, this is a misunderstanding of what a Black Swan actually is. Understanding the difference moves COVID-19 from the list of events for which governments and organizations could not prepare to the list of events for which they should have prepared. What are Black Swans? The theory of Black Swan events was developed to categorize unpredictable high-impact events. Nassim Nicholas Taleb first proposed the term in his 2001 book Fooled by Randomness. In 2007, he expanded the concept in his better-known book, "The Black Swan." According to Taleb, a Black Swan event has three characteristics: "First, it is an outlier, being outside the range of regular expectations, because nothing in the past can convincingly point to its possibility. Second, it has an extreme impact. Third, despite its outlier status, human nature lets us concoct explanations for [...]

Crisis management as strategic competence in companies

Von |2021-08-18T09:40:39+02:00 16 August, 2021|Interest, Norms & Standards|

The new technical specification DIN CEN/TS 17091:2019 "Crisis management - Guidance for developing a strategic capability" calls for a strategic approach to crisis management. " Development of a strategic capability" is a measure designed to help organizations build this important capability. In this article, we highlight four areas where the new technical specification promotes best practices and provides more detailed guidance.   Crisis management as a strategic competence It's not a question of if, but only a question of when things will go wrong. And once they do, an effective response will help keep the company on track. A study published by Aon and Pentland Analytics (Reputation Risk in the Cyber Age - The Impact on Shareholder Value, August 2018) shows that companies which respond effectively to a crisis will outperform those that do not in terms of shareholder value. Companies that view crisis management as a strategic [...]

mass panic vs. mass exodus

Von |2021-06-14T07:44:11+02:00 14 Juni, 2021|Interest|

The Love Parade in Düsseldorf, tragedies in Mecca, 9/11 and, as the latest example, the Lag Baomer festival at Meron Mountain in Israel. The media quickly speak of a mass panic when many people come together, there are bottlenecks or obstacles and the need to regain freedom of breath and movement or people feel a strong fear and try to flee from a situation. All this is mostly in combination with injured or even dead people. In Meron, there was talk of mass panic quickly after the incident occurred. During the celebration at the sanctuary of Mount Meron, 45 people died and quite a few were injured. This is the largest civil disaster in the history of Israel. According to initial findings, the disaster was triggered by a situation on a sloping ramp where people started to fall. Due to the density, a kind of domino effect was [...]

A plea for exercise

Von |2021-06-07T13:03:49+02:00 7 Juni, 2021|Uncategorized|

How an event that affects day-to-day business operations is handled has a significant impact on the extent of the damage. Therefore, not only should precautionary measures be implemented in the company in advance to keep the residual risk as low as possible, but reactive measures should also be planned. After all, there is no such thing as 100% safety and the residual risk will never be zero. In case of an event, there will be an impact on the company. However, the reactive side of emergency and crisis management should not only be available as a nice document for auditors, but should above all be handy and applicable. If the planned actions are not applicable, the impact of the event is reduced only imperceptibly or not at all. How handy the reactive side was actually planned cannot be checked only by a theoretical examination. It is also not [...]

Cyber Due Diligence

Von |2019-09-30T14:40:46+02:00 30 September, 2019|News|

The need for cyber due diligence in a merger or acquisition is more relevant than ever. On 9 July 2019, the UK Information Commissioner's Office (ICO) announced that it would issue Marriot International with a £99 million fine for breach of European data protection law under the European Data Protection Regulation (GDPR). The fine relates to a breach of Starwood Hotels, one of Marriot International's recent acquisitions. Over 500 million of its guests may have been affected. The ICO's report says "Marriot failed to exercise sufficient diligence in the Starwood acquisition and should have done more to secure its systems". This failure underscores the need for parent companies and investment firms to improve their management of the security and privacy risks associated with their acquisitions and subsidiaries and to reckon with appropriate sanctions. Mergers and acquisitions inevitably entail financial, legal and reputational risks. The Marriott case is one [...]

Emergency Management: Immediate action, business continuity, recovery – simply explained

Von |2019-09-23T14:08:47+02:00 22 September, 2019|Uncategorized|

Immediate Action Plan, Business Continuation, Recovery Emergency management has its own vocabulary. The graphic from the BSI 100-4 Emergency Management provides a good overview of the chronological sequence. We explain this using a simple example: You have planned a romantic dinner for your partner's birthday and are sitting at home in your living room opposite the dinner table. Suddenly, all four light bulbs of their ceiling lamp fail. Unexpectedly you face a crisis. The time until you notice the failure is the detection time. Ideally, this time is short. A smoke detector, for example, has a shorter detection time of a room fire than your sense of smell when you sleep. So, you are sitting in a pitch-dark room. While you are still thinking about what to do, your partner has already pulled out the smartphone, switched on the flashlight, placed it on a glass and continues to [...]

Supply chain: Risk assessment in general

Von |2019-07-19T19:20:25+02:00 19 Juli, 2019|Interest|

The mere consideration of financially oriented risks is no longer sufficient in today's logistics. Rather, aspects such as risk management, sustainability and social requirements are of great relevance as a result of society. Several studies show, however, that many companies have not yet implemented risk management, nor have plans been drawn up to do so. Medium-sized companies in particular are still hesitant to consider an introduction. The company management either lacks the necessary risk awareness, or the companies regard the resulting cost factor as too high. With regard to current challenges for supply chain management, globalization is often cited as the greatest challenge. As the world and its countries become more interconnected, supply chains are becoming more and more international. As a result, supply chains are becoming longer and more expensive and risk-prone. The effective counteraction and the installation of safeguards in a supply chain is on the [...]

The 5 most important points of a Business Impact Analysis

Von |2019-07-17T11:42:35+02:00 12 Februar, 2019|Uncategorized|

Completeness and timeliness: The list of all business impacts considered must be complete. In day-to-day business, the focus is primarily on operational details. The overall view is thus lost to a certain extent. In the strategic dimension of Business Impact Analysis (BIA), it is very important not to overlook assets or risks. Without a complete list of all processes involved, it is not possible to describe all risks and dependencies. It is crucial not only to consider the existing documentation situation, but also to make a target/actual comparison between documentation and reality. Undocumented processes such as "shadow IT" can represent an incalculable risk - those who do not include them in their business impact analysis have white spots on their map. Even outsourced processes must be considered. The same is true for up-to-dateness. The processes listed in the Business Impact Analysis must be up to date. Depending on [...]

Nach oben